This might just be a documentation issue, although if signmessage was changed to sign a hash of the passed-in message instead of the message itself then it would be completely safe.
signmessage already hash the message before signing it. Yes you could paper over the problem by making signmessage use a different hash function or prepend some idiosyncratic but standardized padding to the message before hashing or use >2 rounds of SHA256.
By "idiosyncratic but standardized padding", do you mean just adding some chars in a predefined way ? If 2 lines of code could avoid potential problems, we should add them :p |
|
|
|
The issue with doing DNS delegation is that it doesn't work behind Tor. It would work on the exit node, but it would be very limiting if you could only use participating exit nodes.
That's true, but I'm still impartial about this. I still think most people would want the system to work as a domain registry. I wish more people gave their opinion about this. So if someone's going to launch a DNS bridge next week, would you recommend them not to include this functionality?  I would like this software to work as a domain registry too. All DNS servers in the world already work in a decentralized way. The only thing that is centralized is domain registry, and that is where domains are seized. Here is an example : A. domain : bitcoin-contact.orgB. nameservers : NS0.WEB-SWEET-WEB.NET, NS1.WEB-SWEET-WEB.NET C. zone config (simplified) : IN NS ns0.web-sweet-web.net.
IN NS ns1.web-sweet-web.net.
* IN A 188.165.40.52
www IN A 188.165.40.52 So, to explain how it works : A. domain registry owns bitcoin-contact.org and say it is managed by two name servers : NS0.WEB-SWEET-WEB.NET, NS1.WEB-SWEET-WEB.NET B. name servers are standard DNS servers that respond to dns queries : bitcoin-contact.org => 188.165.40.52, or www.bitcoin-contact.org => 188.165.40.52 On your domain registry account, you can change the 2 nameservers if you want, and dns queries for your domain will be sent to those new servers. This is where the system is decentralized, because you can use whatever dns server you want (and make your own too). But, other people (your domain provider, ICANN, etc) can change those two nameservers, because they control your domain (directly or indirectly). They can also lock you domain registry account. So, the only part that still needs to be decentralized is domain registration, with name servers associated. In the namecoin system, this may looks something like : {
'domain':'mydomain.bit',
'nameserver':
[
"NS0.WEB-SWEET-WEB.NET",
"NS1.WEB-SWEET-WEB.NET",
"NS0.XNAME.ORG",
"NS1.XNAME.ORG",
"87.98.164.164",
]
}Then, re-use a standard DNS server to do everything else, to be compatible with existing technology. |
|
|
|
|
On linux, bitcoind, 64bits :
./bitcoind
=> bitcoind doesn't display "bitcoin server starting" and doesn't return to the next line of the terminal.
But, from another terminal, i can send rpc commands and all seams to work.
I can launch "./bitcoind stop" and bitcoind stops in the first terminal.
The problem doesn't appear with the -daemon option.
This problem didn't exist in the 0.3.20.2 release.
|
|
|
|
Pull request : https://github.com/bitcoin/bitcoin/pull/183Adds two rpc commands : - signmessage <bitcoinaddress> <message> - verifymessage <pubkey> <sign> <message> It allows to sign a message with the public key of a bitcoin address you own, to be sure of the identity of the sender. Sign :./bitcoind signmessage 1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG "Hi github users :p"
{
"address" : "1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG",
"pubkey" : "04ef6e366cd6b0b8fbf02c0c25ad39fe892b90c597875899fdc9db16941cf43fb8c429e0534cb8b972f5cc9f1a50f36dc3352ffad427f073e1c64a145828a3be6e",
"sign" : "3046022100a80b6e0c7c54c54ba943f4e3cde12f5a7dc5313e3f0a15ce868f01683ced64fa0221008b4ad7d3800a11c241dcef7aaf44c8224a7d9f1e54d3e669bf4887036b6d10af"
} ./bitcoind verifymessage <above pubkey> <above sign> "Hi github users :p"
{
"address" : "1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG",
"pubkey" : "04ef6e366cd6b0b8fbf02c0c25ad39fe892b90c597875899fdc9db16941cf43fb8c429e0534cb8b972f5cc9f1a50f36dc3352ffad427f073e1c64a145828a3be6e"
} An json error will be displayed if there was a problem, otherwise, it displays the bitcoin address associated with the public key used to sign the message. This patch allows you, for example, to send message to your customer and to prove it really comes from you, by using the public and private keys associated with your bitcoin address. Reviews and comments are welcomed, I don't know if all is used as it should. |
|
|
|
|
Indeed, CaCert certificate is not added everywhere (but they should be in your ubuntu (/etc/ssl/certs/cacert.org.pem), so Chromium use their own embed certificates).
|
|
|
|
So, i have found the first certified lost coins  (a lost wallet can't be proven :p) |
|
|
|
|
Pool managers should publicly say what rules they follow, what they accept, what they don't and what they prioritize if they don't follow the "standard" rules of bitcoind. Do they already use other rules ?
|
|
|
|
|
- Patch has been updated to support HTTPS only for secured requests
- file naming has moved to :
Domain owner : /bitcoin-address-domain.json (instead of /bitcoin-address.txt)
Users : /bitcoin-address/user.json (instead of /bitcoin-address-user.txt)
|
|
|
|
|
- Patch has been updated to support HTTPS only for secured requests (thanks BlueMatt, it must be like that).
- file naming has moved to jav proposal (thanks jav) :
/bitcoin-address.json (instead of /bitcoin-address.txt)
/bitcoin-address/user.json (instead of /bitcoin-address-user.txt)
|
|
|
|
My last proposal is inspired by the new bitseed bootstrap of the bitcoin client. 2 domains are declared in bitcoin : - bitseed.xf2.org bitseed.xf2.org has address 109.75.176.193 bitseed.xf2.org has address 142.58.248.28 bitseed.xf2.org has address 173.242.112.53 bitseed.xf2.org has address 174.120.185.74 bitseed.xf2.org has address 178.18.90.41 bitseed.xf2.org has address 178.63.15.200 bitseed.xf2.org has address 178.63.62.15 bitseed.xf2.org has address 217.157.1.202 bitseed.xf2.org has address 69.163.132.101 bitseed.xf2.org has address 69.164.218.197 bitseed.xf2.org has address 91.85.220.84 - bitseed.bitcoin.org.uk They both return a list of ip nodes to bootstrap to. We can do the same with : - bitfetch.xxxxxx.yyy => a list of ip - bitfetch.yyyyyy.zzz => a list of ip - more That would return a list of servers ip, with ssl enabled, that accepts to do requests for you. Example 1 : Input : khalahan@sky-animes.comDomain sky-animes.com has ssl ! :p request 1 : https://sky-animes.com/boitcoin-address/khalahan.jsonExample 2 : Input : khalahan@tartuffxxyy.comDomain tartuffxxyy.com has no ssl request 1 : http://tartuffxxyy.com/boitcoin-address/khalahan.jsonrequest 2 : https://bitfetch.yyyyyy.zzz/fetchaddress/tartuffxxyy.com/boitcoin-address/khalahan.json=> 2 results are compared. That way it is half centralized, but a bit complicated though. So, next step is to add SSL support in requests :p ps : web browsers don't complain when the certificated has changed, but complain for a self signed certificate. Where is the security here ? (there's a ff plugin to check this, i don't remember the name) |
|
|
|
Which ever one is better, neither should ever use HTTP even as a fallback. SSL should ALWAYS be on and enforced no matter what the user wants. Sites which allow users to register an account which will be then pushed out via SSL shouldn't be too hard to find (hopefully as a part of online wallet services) but never should and kind of unencrypted/unsigned addresses be used.
So, you wan't to restrict this function to account providers only and geeks ? All people that wan't to publish their address on http://myblog.blogproviderwithoutssl.com can't use http://myblog.blogproviderwithoutssl.com/bitcoin.txt as shortcut ? It's not a problem for me because i know how to do it and i've control over my servers (i've a default self signed certificate on https://bitcoin-contact.org for example), but i'm not representative of all people... Here's my response on github about that problem: A bitcoin user is vulnerable to a MITM attack because of DNS resolution not using DNSSEC (irc connections, dnsseed and dyndns) and TCP connections to ip not using SSL verifiable certificates. Once he controls all connections...
Possibilities for the attacker are :
- make the user believe he has been paid by sending a transaction from already spent coins on the real nodes
- generate fake blocks for confirmations and fake transactions
So, you can't really trust 100% what is displayed by your bitcoin client ?
By fetching addresses in http, it adds an additional risk :
- a user can send coins directly to the attacker
I admit it is a big risk, but it should not block the possibility to fetch an address even if the connection is not secured. However, the user should be warn in this case and decide what to do with a manual action (you won't send 500BTC that way do you ?).
A way to do it securely would be to send the fetch request to connected first level nodes and compare results (or shasum to shorten the message). But, bitcoin network is not ready/designed for trusted nodes.
Another solution is to have a centralized site for address fetching. If a think a centralized solution was good i would already have linked my patch with my domain :p. Maybe, I could fetch both from a direct request to the website and make a second request to one of the trusted ip (declared like bitseed ips) ? What do you think about the alternatives ? |
|
|
|
Hey! Great to see you are working on a "Bitcoin address discovery system". That would definitely be cool to have! I was thinking about that myself and am still unsure, if I would not prefer this to be its on daemon. So let's say you would connect to the domain in question on some well-known port (say 8334) and be connected to a simple daemon which you can then query for those things. Somehow that seems like a good thing to do to me, considering "separation of concerns" and all that. I guess you went with this route in order to make it much simpler to deploy? That's definitely a big advantage, I agree. So maybe that's the pragmatic thing to do to actually see some adoption of it and some point. If we marry it to the webserver, I would prefer these changes though: 1. Use .json instead of .txt as the file ending 2. Move all the user lookups ( user@example.org) to a folder, as to not "clutter up" the root folder too much So that would mean: /bitcoin-address.json (instead of /bitcoin-address.txt) /bitcoin-address/user.json (instead of /bitcoin-address-user.txt) Good idea for the directory. People who do not want to use php and want a simple solution to use their own domain may also need several addresses. I like things to be at the "right" place :p For .json or .txt, why not (i was hesitating too). |
|
|
|
|
Show Posts
